5 matches found
CVE-2024-28116 Server-Side Template Injection (SSTI) with Grav CMS security sandbox bypass
Grav is an open-source, flat-file content management system. Grav CMS prior to version 1.7.45 is vulnerable to a Server-Side Template Injection SSTI, which allows any authenticated user editor permissions are sufficient to execute arbitrary code on the remote server bypassing the existing securit...
Apple OS X/iOS Kernel - IOSurface Use-After-Free
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=831 IOSurfaceRootUserClient stores a task struct pointer passed in via IOServiceOpen in the field at +0xf0 without taking a reference. By killing the corrisponding task we can free this pointer leaving the user client with a dangli...
Oracle Java Runtime Environment 'Reflection API'任意代码执行漏洞
Oracle Java Runtime Environment是一款为JAVA应用程序提供可靠的运行环境的解决方案。 Oracle Java SE 7包括最近发布的1.7.021-b11存在一个安全漏洞,允许远程攻击者利用漏洞绕过Java安全沙盒,并以WEB浏览器上下文执行任意代码。 要成功利用此漏洞需要用户有一定的交互,如在显示安全警告窗口时需要用户接受执行潜在恶意Java应用的风险。 根据研究者声称,此漏洞还影响Server JRE 7。 0 Oracle Java SE 7及之前版本 厂商解决方案 目前没有详细解决方案提供: http://www.oracle.com...
Oracle Java SE Unspecified Vulnerability - Feb 13 (Windows)
This host is installed with Oracle Java SE and is prone to unspecified vulnerability. OpenVAS Vulnerability Test $Id: gboraclejavaseunspecifiedvulnfeb13win.nasl 7699 2017-11-08 12:10:34Z santu $ Oracle Java SE Unspecified Vulnerability - Feb 13 Windows Authors: Arun Kallavi Copyright: Copyright c...
CVE-2013-1490
Unspecified vulnerability in Oracle Java SE 7 Update 11 JRE 1.7.011-b21 allows user-assisted remote attackers to bypass the Java security sandbox via unspecified vectors, aka "Issue 51," a different vulnerability than CVE-2013-0431. NOTE: as of 20130130, this vulnerability does not contain any...